If it seems that cybersecurity attacks are on the rise, you are not mistaken. When this year is in the books, every industry report will show how the frequency of attacks escalated exponentially again while the cost of attacks became higher than ever before. We are less than five months into 2021, and with the Colonial Pipeline attack, we already witnessed one of the costliest cyberattacks ever. The cycle for major cyber incidents has now become a matter of days, not weeks, as we witness continued major ransomware attacks, data loss, major breaches, as well as intelligence and industry warnings. If there was ever a time to get serious about cybersecurity, that time is now.
On May 7, 2021, Colonial Pipeline, an American oil pipeline that carries gasoline and jet fuel to the Southeastern United States, suffered a ransomware cyberattack that impacted the essential equipment managing the pipeline. The impact was so severe that it led to emergency declarations from President Biden, as well as the Governor of Georgia.
While the Colonial Pipeline hack has been well documented in terms of multi-billion dollar impact to the economy of the US, consider the recent major Microsoft Exchange platform vulnerability that has been cycling in the news as well. The industry struggled with remediation on this issue because tens of thousands of customers use this software suite and the platform was specifically targeted due to its wide base. Known to the industry as the HAFNIUM incident, the name comes from a state sponsored cyber espionage group out of China that has been profiled as the actors behind the vulnerability. Once infected, affected servers allowed remote code execution and untrusted network activity, even after some of the existing patch updates.
Another incident that comes to mind is a recent security breach that affected an industry-wide networking equipment and Internet of Things (IoT) devices provider known as Ubiquiti. In early January 2021, the company started notifying customers about an unauthorized access issue found on the management services for Ubiquiti systems. Months later, the understanding of the impact has grown to include loss of root credentials for cloud services, databases, private cryptographic encryption keys, and more for thousands of direct and indirect clients.
And just a few short months ago, the SolarWinds supply chain software attack shocked many throughout the industry. Once again, the scale of impact was thrust upon thousands of companies. With each passing day, the threat is becoming more real than ever before.
The pandemic, and its resulting changes to the business world, accelerated digitalization of business processes, endpoint mobility and the expansion of cloud computing in most organizations, revealing legacy thinking and technologies, according to Peter Firstbrook from Gartner. Old technologies and antiquated processes are definitely to blame. But also far too often, we witness the adoption of principles where ransomware victims just pay up. As many as a third of businesses in 2021 that reported a ransomware attack decided to pay the ransom. Paying ransom demands encourages more hackers and the statistics show that not only do hackers come back to attack businesses that paid, less than 10 percent of the data that is paid out is ever completely recovered. Paying for crime doesn't pay off and it is a glaring example of poor preparedness and lack of strategy. The guard cannot be let down as millions of people continue to be impacted by these issues daily. Cybersecurity incidents are creating a bigger impact on the economy than many people have realized as evidenced in the recent ransomware attack on the Colonial Pipeline which shut down the Eastern Seaboard. We need to evaluate what we are collectively doing right and what we are doing wrong.
There are, however, positive steps that can be done immediately. We can apply the best of what we know to deal with these significant threats.
The first elementary step is to do some widespread cleanup. Get rid of all instances of default passwords, all of those passwords you think cannot be changed and all of those strange devices and components that do not have any passwords in place. Even if it's on your private network, everything can be a vector and hackers know it.
Next, Enterprise IT needs to come to terms with our collective lazy nature. This means going through every component of an environment that is old, that was set up before anyone knew better or was set up with the focus on convenience or speed. These are classic weakest link scenarios, and they are lying around everywhere; no environment is above these missteps.
Enterprises need to support greater cybersecurity urgency now, review security planning and embrace the leading principles of comprehensive cybersecurity. Ultimately, the price to be paid is unwavering diligence and a hyper-focus on better comprehensive security starting with protecting the castle, recovering from a breach and then assurance that future attacks cannot be detrimental.
You can protect your assets and organization by following and looking for solutions that focus on:
You can plan for a recovery from a breach by implementing:
You need to have assurance that your infrastructure is truly protected by routinely conducting:
Only when we take this trinity of protection, recovery, and assurance are we able to reduce risks substantially and beat the bad actors.
Based on the continual cycle of breach information that continues to emerge, there is no reason to hold back on cybersecurity planning and budget. Organizations need to push the pedal on evaluation, assessment, monitoring, and contingency planning, and shift their mindset to always assume a breach is underway. Not only should organizations break the glass and get their security playbook in full swing, but also break the bank to fund it.
It's Time To Break Glass On Cybersecurity Urgency - Forbes